CLAIM AMENDMENTS 

This listing of claims will replace all prior versions and listings of claims in 
the application. 

Listing of Claims: 

1.-8. (Canceled) 

9. (Currently Amended): A method executed on a single local machine having a 
processor executing computer-executable instructions stored in a memory, the 
method comprising : 

initializing, by a native operating system (OS) on a-the local machine, a 
logon user interface (UI); 

initializing, with the logon UI on the single local machine, a plurality of 
different coexisting credential provider modules, each for translating respectively 
different types of credentials into a common credential protocol, the common 
credential protocol being compatible with the native OS of the local machine, 
each said credential provider module enab l ing logging a user to l og on with the 
native OS on the local machine via the logon UI to access the local machine 
using one of a plurality of corresponding different input devices that ore copob l c 
of being in communication with the local machine; 

receiving a first said credential from the user at a first one of said input 
devices in communication with the local machine; 
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translating the first credential with a first one of said credential provider 
modules corresponding to the first input device that is in communication with the 
local machine; 

communicating the translated first credential having the common 
credential protocol through a credential provider Application Program Interface 
(API) to the logon UI of the native OS, wherein the credential provider API is 
configured to interface with each of the plurality of different coexisting credential 
provider modules; 

passing the translated first credential having the common credential 
protocol to an OS logon module of the native OS from the logon UI; 

calling the OS logon module for the native OS to authenticate the 
translated credential having the common credential protocol against a credential 
database; and 

logging the user on with the native OS to access the local machine when 
the authentication is successful. 

10. (Previously Presented): The method as defined in Claim 9, wherein the 
logging on of the user further comprises logging the user on to the local machine 
after one or more additional said credentials have been received, translated by a 
respective said different coexisting credential provider module, and authenticated 
successfully, in addition to said first credential. 
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11. (Original): The method as defined in Claim 9, wherein the user is not logged 
on to the local machine at the time when the translated credentials are 
authenticated. 

12. (Previously Presented): The method as defined in Claim 9, wherein the use 
of the OS logon module of the native OS to authenticate the translated first 
credential having the common credential protocol against the credential database 
further comprises: 

communicating the translated credential to an LSA; and 
determining the authentication with the LSA against the credential 
database that is selected from the group consisting of: 
a SAM database; 

a local database other than the SAM database; 

a remote credential database; 

a token protocol credential service; 

a challenge and response protocol service; and 

an AD and KDC at a domain remote from the local machine. . 

13. (Currently Amended): The method as defined in Claim 9, further comprising: 

initializing one or more pre-logon access provider (PLAP) modules at the 
local machine coexisting with said credential provider modules, each PLAP 
module being interoperab l e operating with the OS of the local machine,, fer 
enabling so that t he user te-selects a logon connection type out of a plurality of 
available looon connection types for establishing a network connection; and 
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establishing* by a selected one of said one or more PLAP modules* a 
network connection from the local machine to a domain using the translated first 
credential. 

14. (Original): A computer-readable medium comprising instructions that, when 
executed by a computer, perform the method of Claim 9. 

15. - 16. (Canceled) 

17. (Currently Amended): A method executed on a single local machine having a 
processor executing computer-executable instructions stored in a memory, the 
method comprising: 

initializing, by a native operating system (OS) on a-the local machine, a 
logon user interface (UI); 

initializing, with the logon UI on the single local machine, a plurality of 
different coexisting credential provider modules, each said credential provider 
module configured to perform a translation of a respectively different type of 
credential received at a different type of input device in communication with the 
local machine for translating the respectively different types of credentials into a 
common credential protocol, the common credential protocol being compatible 
with the native OS of the local machine, wherein each said credential provider 
module cnobles loos a user to l og on with the native OS on the local machine via 
the logon UI to access the local machine using one of a plurality of 



Serial No.: 10/693,585 

Atty Docket No.: MS1-1819US 

Atty/Agent: Colin Barnta 



-5- 



Th» Business nf IP 



corresponding different input devices thot arc capab l e of being in communication 
with the local machine; 

receiving a first credential from the user at a first one of said input devices 
in communication with the local machine; 

translating the first credential with a first one of said credential provider 
modules that corresponds to the first input device; 

communicating the translated first credential having the common 
credential protocol through a credential provider interface to the logon UI of the 
native OS, wherein the credential provider interface is configured to interface 
with each of the plurality of coexisting different said credential provider modules; 

passing the translated first credential having the common credential 
protocol to a logon routine of the native OS from the logon UI; 

authenticating the translated first credential against a credential database 
with the logon routine of the native OS; and 

logging the user on to access the local machine with the native OS when 
the authentication is successful. 

18. (Previously Presented): The method as defined in Claim 17, wherein the 
logging on of the user to access the local machine with the native OS further 
comprises deferring the logging on of the user to access the local machined until 
the receiving, the translating, the communicating, the passing, and the 
authenticating successfully have been repeated for at least one more additional 
said credentials in addition to said first credential. 
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19. (Previously Presented): The method as defined in Claim 17, wherein the 
user is not logged on to access the local machine until after the translated first 
credential is authenticated against the credential database with the logon routine 
of the native OS. 

20. (Previously Presented): The method as defined in Claim 17, wherein the 
authenticating of the translated first credential against the credential database 
with the logon routine of the native OS further comprises: 

communicating the translated credential to an LSA from the logon routine 
of the native OS; and 

determining the authentication with the LSA against the credential 
database that is selected from the group consisting of: 

a SAM database; 

a local database other than the SAM database; 

a remote credential database; 

a token protocol credential service; 

a challenge and response protocol service; and 

an AD and KDC at a domain remote from the local machine. 

21. (Original): A computer-readable medium comprising instructions that, when 
executed by a computer, perform the method of Claim 17. 

22. (Currently Amended): A computer-readable medium comprising a plurality of 
different coexisting credential provider modules initialized with a logon user 
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interface (UI) by a native operating system (OS) on a single local machine, each 
including instructions that, when executed by the local machine, receive and 
translate a credential into a common credential protocol so as to be compatible 
for authentication by an authentication component of the native OS against a 
credential database for logging a user identified by the credential on with the 
native OS to access the local machine when the authentication is successful, 
wherein: 

the translated credential is received via a credential provider Application 
Programming Interface (API) of the authentication component of the native OS; 

the credential provider API of the authentication component of the native 
OS is compatible for receiving each of a plurality of said credentials from a 
corresponding plurality of different coexisting credential provider modules; and 

each said different coexisting credential provider module ea ft is configured 

to: 

receive a respective different type of said credential from a respective 
input device, each respective input device capable of coupling to the local 
machine* and enab li ng wherein the user te- selects one or more of the input 
devices for logging leg-on with the native OS to access the local machine; and 

translate each said different type of said credential into the credential 
protocol so as to be compatible for authentication by the authentication 
component of the native OS against the credential database. 

23. (Previously Presented): The computer-readable medium as defined in Claim 
22, wherein the authentication component of the native OS comprises: 
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the logon UI; 

an OS logon module for receiving Remote Procedure Call (RPC) calls from 
the logon UI module; and 

an LSA for determining the authentication, and in communication with, the 
credential database that is selected from the group consisting of: 

a SAM database; 

a local database other than the SAM database; 

a remote credential database; 

a token protocol credential service; 

a challenge and response protocol service; and 

an AD and KDC at a domain remote from the local machine. 

24. - 32. (Canceled) 

33. (Currently Amended): A method executed on a single local machine having a 
processor executing computer-executable instructions stored in a memory, the 
method comprising: 

initializing, by a native operating system (OS) on a-the local machine, a 
logon user interface (UI); 

initializing, with the logon UI on the single local machine, a plurality of 
different coexisting credential provider modules, each said credential provider 
module configure d to performing a translation of a respectively different type of 
credential received at one of a plurality of different types of input devices in 
communication with the local machine for translating the respectively different 



Serial No.: 10/693,585 

Atty Docket No.: MS1-1819US 

Atty/Agent: Colin Barnitz 



-9- 



tee&hayes Th« Business of IP 



types of credentials into a common credential protocol, the common credential 
protocol being compatible with the native OS of the local machine, wherein each 
said credential provider module enables logs a user to l og on with the native OS 
on the local machine via the logon UI to access the local machine using one of 
the plurality of corresponding different input devices in communication with the 
local machine; 

receiving a first credential from the user at a first said input device in 
communication with the local machine; 

receiving a second credential from the user at a second said input device 
in communication with the local machine; 

translating the first credential into the common credential protocol using a 
first one of the credential provider modules corresponding to the first input 
device that is in communication with the local machine; 

translating the second credential into the common credential protocol 
using a second one of the credential provider modules corresponding to the 
second input device that is in communication with the local machine; 

using a component of the OS to authenticate the translated first credential 
and second credential having the common credential protocol against a 
credential database; and 

logging the user on with the OS to access the local machine when the 
authentication of both the first credential and the second credential is successful. 
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34. (Currently Amended): A method executed on a single local machine having a 
processor executing computer-executable instructions stored in a memory, the 
method comprising: 

initializing, by a native operating system (OS) on a-the local machine, a 
logon user interface (UI); 

initializing with the logon UI on the single local machine a plurality of 
different coexisting credential provider modules, each for translating respectively 
different types of credentials into a common credential protocol, the common 
credential protocol being compatible with the native OS of the local machine, 
each said credential provider module enab li ng logging a user to l og o n with the 
native OS on the local machine via the logon UI to access the local machine 
using one of a plurality of corresponding different input devices thot ore copob l c 
of being in communication with the local machine; 

initializing one or more pre-logon access provider (PLAP) modules at the 
local machine coexisting with said credential provider modules, each PLAP 
module be i ng intcropcroblQ operating with the OS of the local machine fef 
enab l ing so_thaLthe user te-selects a logon connection type out of a plurality of 
logon connection types for establishing a network connection; 

receiving a first said credential from the user at a first one of said input 
devices in communication with the local machine; 

translating the first credential with a first one of said credential provider 
modules corresponding to the first input device that is in communication with the 
local machine; 
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establishing^ by a selected one of said PLAP modules,, a network 
connection from the local machine to a domain using the translated first 
credential; 

communicating the translated first credential having the common 
credential protocol through a credential provider interface to the logon UI of the 
native OS, wherein the credential provider interface is configured to interface 
with each of the plurality of coexisting different said credential provider modules; 

passing the translated first credential having the common credential 
protocol to a logon routine of the native OS from the logon UI; 

authenticating the translated first credential against a credential database 
with the logon routine of the native OS; and 

logging the user on to access the local machine with the native OS when 
the authentication is successful. 

35. (Currently Amended): A method executed on a single local machine having a 
processor executing computer-executable instructions stored in a memory, the 
method comprising: 

initializing, by a native operating system (OS) on a local machine, a logon 
user interface (UI); 

initializing, with the logon UI on the single local machine, a plurality of 
different coexisting credential provider modules, each said credential provider 
module configured to perform a translation of a respectively different type of 
credential received at a different type of input device in communication with the 
local machine for translating the respectively different types of credentials into a 
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common credential protocol, the common credential protocol being compatible 
with the native OS of the local machine, wherein each said credential provider 
module enab l es loos a user to l og on with the native OS on the local machine via 
the logon UI to access the local machine using one of a plurality of available 
corresponding different input devices that ore capable of being in communication 
with the local machine; 

al l owing a uGor to choose choosing, bv a user, one or more of said 
plurality of different types of input devices to be used f or logging on from among 
the plurality of available different input devices : 

receiving a first credential from the user via a selected c hosen first one of 
said input devices in communication with the local machine; 

translating the first credential into the common credential protocol 
compatible with the native OS of the local machine with a first one of said 
credential provider modules that corresponds to the chosen first input device; 

communicating the translated first credential having the common 
credential protocol through a credential provider interface to the logon UI of the 
native OS, wherein the credential provider interface is configured to interface 
with each of the plurality of coexisting different said credential provider modules; 

passing the translated first credential having the common credential 
protocol to a logon routine of the native OS from the logon UI; 

authenticating the translated first credential against a credential database 
with the logon routine of the native OS; and 

logging the user on to access the local machine with the native OS when 
the authentication is successful. 
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